Border Search Bill Would Rein in CBP

Border Searches of U.S. Persons’ Digital Devices Would Require a Warrant

As promised by Sen. Wyden in February, a bill was introduced this week in Congress that would require U.S. Customs and Border Protection or other government agents to obtain a probable cause warrant before searching the digital devices of U.S. citizens and legal permanent residents at the border.

Data provided by the Department of Homeland Security shows that searches of cellphones by border agents has exploded, growing fivefold in just one year, from fewer than 5,000 in 2015 to nearly 25,000 in 2016. According to DHS officials, 2017 will be a blockbuster year. Five-thousand devices were searched in February alone, more than in all of 2015.

We have been arguing for a while that the Fourth Amendment requires a warrant based on probable cause for border searches of cell phones, laptops, and other digital devices that contain gigabytes of highly personal information.

We most recently made these arguments in an amicus brief before the U.S. Court of Appeals for the Fourth Circuit in the case U.S. v. Kolsuz. We have not distinguished between U.S. persons and foreign nationals—for example, Mr. Kolsuz, whose iPhone was searched twice by CBP and Department of Homeland Security officials without a warrant, is a Turkish citizen. We nevertheless support the Protecting Data at the Border Act, even though it more narrowly focuses on the rights of U.S. citizens and green card holders.

CBP unreasonably argues that the privacy interest travelers have in digital devices is no different than that of luggage or other physical items travelers may bring with them across the border, thus CBP applies to digital devices the traditional “border search exception” to the Fourth Amendment, which permits warrantless and suspicionless “routine” border searches.

However, there is nothing “routine” about unregulated government intrusion into a device that contains, as the Supreme Court has said, “the sum of an individual’s private life.” As the bill’s findings state, the privacy interest in digital data “differs in both degree and kind from [the] privacy interest in closed containers.”

In addition to the warrant requirement, the Protecting Data at the Border Act would prohibit the government from delaying or denying entry or exit to a U.S. person based on that person’s refusal to hand over a device passcode, online account login credentials, or social media handles to a border agent.

During an April 5 hearing in the Senate Homeland Security & Governmental Affairs Committee, Sen. Paul grilled DHS Secretary John Kelly (starting at 2:15) on CBP agents denying entry to Americans, or threatening to do so, for refusing to provide access to their cell phones. Sen. Paul said, “That’s obscene.” Secretary Kelly appeared woefully ignorant about what is happening with privacy at the border and even incorrectly asserted that border searches of digital devices have not “significantly” increased since President Trump took office. He promised to look into the issue and get back to Sen. Paul.

Related Updates

This summer 143 million Americans had their most sensitive information breached, including their name, addresses, social security numbers (SSNs), and date of birth. The breach occurred at Equifax, one of the three major credit reporting agencies that conducts the credit checks relied on by many industries, including landlords, car lenders...

EFF sent California Gov. Jerry Brown a letter urging him to sign S.B. 31. This bill, authored by Sen. Ricardo Lara, would prevent state and local government in California from assisting the federal government in creating a registry based on religious belief, national origin, or ethnicity. All too...

In April 2017, Terry Spears shared his story with San Diego’s local public media station KPBS on what it’s like to be listed in the CalGang database. Even though Mr. Spears says he has never been in a gang, it hasn’t stopped law enforcement from harassing him, and he once...

Because the global Internet carries data acrossinternationalborders, police often seek digital evidence stored in another country. To obtain such cross-border data, police generally must gain approval from the government whose territory hosts the data, under an international web of Mutual Legal Assistance Treaties (MLATs)...

Since 2014, our digital security guide, Surveillance Self-Defense (SSD), has taught thousands of Internet users how to protect themselves from surveillance, with practical tutorials and advice on the best tools and expert-approved best practices. After hearing growing concerns among activists following the 2016 US presidential election, we pledged...

In the dead of night, the California Legislature shelved legislation that would have protected every Internet user in the state from having their data collected and sold by ISPs without their permission. By failing to pass A.B. 375, the legislature demonstrated that they put the profits of Verizon, AT&T, and...

As the days wind down for the California legislature to pass bills, transparency advocates have seen landmark measures fall by the wayside. Without explanation, an Assembly committee shelved legislation that would have shined light on police use of surveillance technologies, including a requirement that police departments seek approval from...

Now that California’s Broadband Privacy Bill, A.B. 375, is headed for a final vote in the California legislature, Comcast, Verizon, and all their allies are pulling out all the stops to try to convince state legislators to vote against the bill. Unfortunately, that includes telling legislators about made-up problems the...

Boston, Massachusetts—The Electronic Frontier Foundation (EFF) and the American Civil Liberties Union (ACLU) sued the Department of Homeland Security (DHS) today on behalf of 11 travelers whose smartphones and laptops were searched without warrants at the U.S. border. The plaintiffs in the case are 10 U.S. citizens and...